Lucene search

7210 matches found

Prion
added 2007/08/23 7:17 p.m. | 13 views

SQL injection

SQL injection vulnerability in index.php in the NeoRecruit component comneorecruit 1.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an offerview action...

CVSS 7.5 | AI score 8.8 | EPSS 0.02574
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2007/08/23 7:0 p.m. | 18 views

CVE-2007-4505

SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action...

AI score 8.3 | EPSS 0.01029
Exploits: 0 | References: 3
CVE
added 2007/08/23 7:0 p.m. | 47 views

CVE-2007-4505

The CVE-2007-4505 entry describes a SQL injection in Mambo’s RemoSitory component (com_remository) within index.php, exploitable via the cat parameter in a selectcat action to execute arbitrary SQL. Affected software is Mambo with the RemoSitory component; the root cause is unsanitized/crafted in...

CVSS 7.5 | AI score 8.4 | EPSS 0.01029
Exploits: 0 | References: 3 | Affected Software: 2
CVE
added 2007/08/23 7:0 p.m. | 39 views

CVE-2007-4509

CVE-2007-4509 describes a SQL injection in Joomla!’s EventList component (com_eventlist) versions 0.8 and earlier. The vulnerability arises in the index.php file when processing the details action with the did parameter, allowing remote attackers to execute arbitrary SQL commands. Impact and remed...

CVSS 7.5 | AI score 8.4 | EPSS 0.02203
Exploits: 0 | References: 3 | Affected Software: 1
Prion
added 2007/08/22 11:17 p.m. | 9 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in index.php in Linkliste 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) styltop, (2) urleintrag, or (3) stylthemen parameter...

CVSS 7.5 | AI score 8.1 | EPSS 0.03325
Exploits: 1 | References: 7 | Affected Software: 1
Prion
added 2007/08/22 11:17 p.m. | 18 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in index.php in the WordPress Classic 1.5 theme in WordPress before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF)...

CVSS 4.3 | AI score 6.1 | EPSS 0.01923
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2007/08/22 11:0 p.m. | 73 views

CVE-2007-4483

CVE-2007-4483 affects the WordPress Classic theme (1.5) prior to WordPress 2.1.3. The issue is a cross-site scripting (XSS) flaw in index.php via PATH_INFO (PHP_SELF). Impact: remote attackers can inject arbitrary web script or HTML. Remediation: update the WordPress Classic theme (or apply the fi...

CVSS 4.3 | AI score 5.6 | EPSS 0.01923
Exploits: 0 | References: 4 | Affected Software: 1
Patchstack
added 2007/08/22 12:0 a.m. | 17 views

WordPress Sirius Theme <= 1.0 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML via the PATH_INFO. Solution: Update the theme...

CVSS 4.3 | AI score 2.7 | EPSS 0.01857
Exploits: 1 | References: 1 | Affected Software: 1
Patchstack
added 2007/08/22 12:0 a.m. | 24 views

WordPress Pool Theme <= 1.0.7 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML via the PATH_INFO. Solution: Update the theme...

CVSS 4.3 | AI score 2.6 | EPSS 0.03825
Exploits: 0 | References: 1 | Affected Software: 1
NVD
added 2007/08/21 6:17 p.m. | 20 views

CVE-2007-4453

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.8 allow remote attackers to inject arbitrary web code or HTML via the (1) s parameter to index.php, and the (2) q parameter to (a) faq.php, (b) member.php, (c) memberlist.php, (d) calendar.php, (e) search.php, (f) forumdisplay.php, (g)...

CVSS 4.3 | AI score 6 | EPSS 0.01022
Exploits: 0 | References: 3
Prion
added 2007/08/21 6:17 p.m. | 19 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.8 allow remote attackers to inject arbitrary web code or HTML via the (1) s parameter to index.php, and the (2) q parameter to (a) faq.php, (b) member.php, (c) memberlist.php, (d) calendar.php, (e) search.php, (f) forumdisplay.php, (g)...

CVSS 4.3 | AI score 6.2 | EPSS 0.01022
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2007/08/15 7:17 p.m. | 11 views

CVE-2007-4359

Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action...

CVSS 6.8 | AI score 8.5 | EPSS 0.01105
Exploits: 1 | References: 6
Prion
added 2007/08/14 6:17 p.m. | 20 views

Design/Logic Flaw

index.php in Ryan Haudenschilt Family Connections FCMS before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcmsloginid cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter...

CVSS 10 | AI score 8 | EPSS 0.08925
Exploits: 1 | References: 10 | Affected Software: 1
Prion
added 2007/08/14 6:17 p.m. | 10 views

Remote file inclusion

PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvdconfigfile parameter...

CVSS 7.5 | AI score 8 | EPSS 0.01348
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2007/08/14 12:0 a.m. | 19 views

CVE-2007-4329

Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the configrootordner parameter to (1) index.php, (2) news.php, or (3) feed.php...

AI score 7.6 | EPSS 0.07029
Exploits: 1 | References: 9
CVE
added 2007/08/14 12:0 a.m. | 46 views

CVE-2007-4325

Gaestebuch 1.5 is affected by a PHP remote file inclusion in index.php triggered by a URL in the config[root_ordner] parameter. The underlying issue is that a user-supplied path is used in a context that allows inclusion of arbitrary PHP code, enabling remote code execution. The vulnerability aff...

CVSS 6.8 | AI score 7.5 | EPSS 0.02768
Exploits: 1 | References: 6 | Affected Software: 1
NVD
added 2007/08/09 9:17 p.m. | 26 views

CVE-2007-4290

Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the scriptroot parameter to (1) delete.php, (2) edit.php, or (3) inc/common.inc.php; or (4) database.php, (5) entries.php, (6) index.php, (7) logout.php, or (8) settings.ph...

CVSS 9.8 | AI score 7.6 | EPSS 0.0157
Exploits: 0 | References: 4
NVD
added 2007/08/08 1:17 a.m. | 17 views

CVE-2007-4175

Multiple cross-site scripting (XSS) vulnerabilities in index.php in OpenRat CMS 0.8-beta1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) subaction and (2) action parameters...

CVSS 4.3 | AI score 5.8 | EPSS 0.01062
Exploits: 1 | References: 3
Prion
added 2007/08/08 1:17 a.m. | 13 views

SQL injection

SQL injection vulnerability in main.php in paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php...

CVSS 7.5 | AI score 9.1 | EPSS 0.0101
Exploits: 1 | References: 3 | Affected Software: 1
Prion
added 2007/08/08 1:17 a.m. | 10 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in index.php in WebDirector 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the deslocal parameter...

CVSS 4.3 | AI score 6.2 | EPSS 0.01545
Exploits: 1 | References: 5 | Affected Software: 1